| 标题 | itwanger paicoding 1.0.3 Logical loopholes 1 |
|---|
| 描述 | In Paicoding system v1.0.3, by accessing the "/user/home?userId=1&homeSelectType=read" interface, it is possible to directly read the browsing history of other users, which is not visible in the design and has logical vulnerabilities, posing a threat to user privacy |
|---|
| 来源 | ⚠️ https://github.com/uglory-gll/javasec/blob/main/paicoding.md |
|---|
| 用户 | uglory (UID 82151) |
|---|
| 提交 | 2025-04-13 08時29分 (1 年前) |
|---|
| 管理 | 2025-04-26 09時08分 (13 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 306302 [itwanger paicoding 1.0.3 Browsing History home?userId=1&homeSelectType=read 信息公开] |
|---|
| 积分 | 17 |
|---|